package com.hyacinth.cloudnote.modules.auth.controller;

import com.hyacinth.cloudnote.common.dto.result.ResultDTO;
import com.hyacinth.cloudnote.common.security.SecurityLog;
import com.hyacinth.cloudnote.common.security.UserPrincipal;
import com.hyacinth.cloudnote.common.security.UserPrincipalParser;
import com.hyacinth.cloudnote.common.utils.CryptoForToken;
import com.hyacinth.cloudnote.common.utils.HttpUtils;
import com.hyacinth.cloudnote.modules.auth.dto.LoginDTO;
import com.hyacinth.cloudnote.modules.auth.dto.LoginResultDTO;
import com.hyacinth.cloudnote.modules.auth.dto.RegistDTO;
import com.hyacinth.cloudnote.modules.auth.service.AuthService;
import com.hyacinth.cloudnote.modules.note.model.User;
import io.micrometer.core.annotation.Timed;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import lombok.extern.slf4j.Slf4j;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

import javax.servlet.http.HttpServletRequest;
import javax.validation.Valid;

/**
 * 认证管理API
 * @author zhangfb
 */
@Slf4j
@RestController
@RequestMapping(value = "/w/auth", produces = MediaType.APPLICATION_JSON_VALUE)
@Api(tags = {"认证管理API"}, produces = MediaType.APPLICATION_JSON_VALUE)
public class AuthController {

    @Autowired
    private AuthService authService;
    @Autowired
    private CryptoForToken cryptoForToken;

    /**
     * 用户登陆
     */
    @Timed
    @ApiOperation(value = "用户登陆")
    @PostMapping(value = "/login")
    public ResultDTO<LoginResultDTO> login(@RequestBody @Valid final LoginDTO loginDTO, final HttpServletRequest request) {
        final String clientIp = HttpUtils.getClientIP(request);
        UserPrincipal userPrincipal = authService.login(loginDTO.getUsername(), loginDTO.getPassword());
        if (SecurityLog.authentication.isInfoEnabled()) {
            SecurityLog.authentication.info("[{}]用户登录成功: Ip = {}", userPrincipal.getId(), clientIp);
        }
        String tokenString = UserPrincipalParser.pack(userPrincipal);
        LoginResultDTO resultDTO = new LoginResultDTO(userPrincipal, cryptoForToken.encrypt(tokenString));
        return ResultDTO.success(resultDTO);
    }

    /**
     * 注册用户
     */
    @Timed
    @ApiOperation(value = "注册用户")
    @PostMapping(value = "/register")
    public ResultDTO register(@RequestBody @Valid final RegistDTO registDTO, final HttpServletRequest request) {
        final String clientIp = HttpUtils.getClientIP(request);
        User user = authService.register(registDTO.getUsername(), registDTO.getMobile(), registDTO.getEmail(), registDTO.getPassword());
        if (SecurityLog.authentication.isInfoEnabled()) {
            SecurityLog.authentication.info("[{}]用户注册成功: Ip = {}", user.getId(), clientIp);
        }
        return ResultDTO.success();
    }
}
